Exception: ID4175: The issuer of the security token was not recognized by the IssuerNameRegistry.
Il seguente errore:
può essere dovuto a caratteri strani presenti nel Thunbprint del certificato nel web.config.
Ecco un esmpio di web.config con relativo Thumbprint:
L'unico modo per verificare se il thumbprint è pulito consiste nell'incollarlo in una console application:
Per correggere il problema copia solo i caratteri del Thumbprint o riscrivitelo a mano eliminando gli spazi.
Exception: ID4175: The issuer of the security token was not recognized by the IssuerNameRegistry. To accept security tokens from this issuer, configure the IssuerNameRegistry to return a valid name for this issuer.
Stack Trace: at Microsoft.IdentityModel.Tokens.Saml11.Saml11SecurityTokenHandler.CreateClaims(SamlSecurityToken samlSecurityToken)
at Microsoft.IdentityModel.Tokens.Saml11.Saml11SecurityTokenHandler.ValidateToken(SecurityToken token)
at Microsoft.IdentityModel.Tokens.SecurityTokenHandlerCollection.ValidateToken(SecurityToken token)
at Microsoft.IdentityModel.Web.TokenReceiver.AuthenticateToken(SecurityToken token, Boolean ensureBearerToken, String endpointUri)
at Microsoft.IdentityModel.Web.WSFederationAuthenticationModule.SignInWithResponseMessage(HttpRequest request)
at Microsoft.IdentityModel.Web.WSFederationAuthenticationModule.OnAuthenticateRequest(Object sender, EventArgs args)
at System.Web.HttpApplication.SyncEventExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute()
at System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean completedSynchronously)
Stack Trace: at Microsoft.IdentityModel.Tokens.Saml11.Saml11SecurityTokenHandler.CreateClaims(SamlSecurityToken samlSecurityToken)
at Microsoft.IdentityModel.Tokens.Saml11.Saml11SecurityTokenHandler.ValidateToken(SecurityToken token)
at Microsoft.IdentityModel.Tokens.SecurityTokenHandlerCollection.ValidateToken(SecurityToken token)
at Microsoft.IdentityModel.Web.TokenReceiver.AuthenticateToken(SecurityToken token, Boolean ensureBearerToken, String endpointUri)
at Microsoft.IdentityModel.Web.WSFederationAuthenticationModule.SignInWithResponseMessage(HttpRequest request)
at Microsoft.IdentityModel.Web.WSFederationAuthenticationModule.OnAuthenticateRequest(Object sender, EventArgs args)
at System.Web.HttpApplication.SyncEventExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute()
at System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean completedSynchronously)
può essere dovuto a caratteri strani presenti nel Thunbprint del certificato nel web.config.
Ecco un esmpio di web.config con relativo Thumbprint:
XML
<microsoft.identityModel>
<service>
<audienceUris>
<add value="urn:mipersonalidentificator" />
</audienceUris>
<federatedAuthentication>
<wsFederation passiveRedirectEnabled="true" issuer="https://adfs.sgart.local/adfs/ls/" realm="urn:mipersonalidentificator" requireHttps="true" />
<cookieHandler requireSsl="false" />
</federatedAuthentication>
<applicationService>
<claimTypeRequired>
<claimType type="http://schemas.microsoft.com/ws/2008/06/identity/claims/role" optional="true" />
<claimType type="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress" optional="true" />
<claimType type="http://schemas.xmlsoap.org/claims/UPN" optional="true" />
</claimTypeRequired>
</applicationService>
<issuerNameRegistry type="Microsoft.IdentityModel.Tokens.ConfigurationBasedIssuerNameRegistry, Microsoft.IdentityModel, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35">
<trustedIssuers>
<add thumbprint="2e5e9ddad8866f1c5ac014a3dbec688f108caf85" name="https://adfs.sgart.local/adfs/services/trust" />
</trustedIssuers>
</issuerNameRegistry>
<certificateValidation certificateValidationMode="None" />
</service>
</microsoft.identityModel>
L'unico modo per verificare se il thumbprint è pulito consiste nell'incollarlo in una console application:
DOS / Batch file
?2e 5e 9d da d8 86 6f 1c 5a c0 14 a3 db ec 68 8f 10 8c af 85
Per correggere il problema copia solo i caratteri del Thumbprint o riscrivitelo a mano eliminando gli spazi.